ddb9b62a67ea453aaf4d94dce7369e93_JaffaCakes118 | Triage

Sharing

General

Target

ddb9b62a67ea453aaf4d94dce7369e93_JaffaCakes118
Size

216KB
MD5

ddb9b62a67ea453aaf4d94dce7369e93
SHA1

7b2a897f3e231355aae0509bcfb00c883855125e
SHA256

2ff9640349b248421a077946906831d657f88aa9228ee07b1e17200a015cb447
SHA512

f9262c5fc0fcb7b9e271971c708b86ceb6018746872a711f63654d0d61c496ee40b48d9765b658d8dc9da369ebda040dd7b6b96e9c689dc234a06e9effd20879
SSDEEP

3072:4JfvKS7luIw2Kf9BwOfrVJhv87jHOb9C5aDG5bPZJyapG6xieFDvP:4JfBuRjwsVJhvVIPjnVD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddb9b62a67ea453aaf4d94dce7369e93_JaffaCakes118

Files

ddb9b62a67ea453aaf4d94dce7369e93_JaffaCakes118
.exe windows:4 windows x86 arch:x86

318de8ea0a507819466553304b56baac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCommConfig
LockResource
Sleep
UnlockFileEx
SetConsoleCtrlHandler
GetPrivateProfileSectionA
GetCurrentDirectoryA
GetCommandLineW
HeapFree
GetSystemWindowsDirectoryA
GetEnvironmentStringsA
GetThreadLocale
GetThreadPriority
OpenEventA
TransmitCommChar
GetTempPathA
GetConsoleAliasExesLengthW
SetFilePointer
PulseEvent
SetEnvironmentVariableA
PeekConsoleInputA
EnumResourceTypesA
WriteProcessMemory
SetThreadPriority
GetLocaleInfoA
VirtualAlloc
GetConsoleWindow
HeapUnlock
HeapAlloc
CopyFileExA
ReadConsoleOutputA
GetFileSize
GetDllDirectoryA
GetConsoleAliasesLengthW
InterlockedExchange
BuildCommDCBAndTimeoutsW

ws2_32

recv

Sections

.itext
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 196KB - Virtual size: 844KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ